Firewall Killing Bandwidth

mcserags · September 28, 2018, 6:32pm

Hopefully someone can answer this question. I’m fairly new to using Mikrotik. We are testing in a lab with two CCR1072 routers that are connected via 10GB fiber connections. With just a base configuration between the two, we are only getting about 6GB bandwidth as measured with iPerf. The test is with two Windows 10 machines with 10GB adapters. I want to know if this is a normal drop in throughput. Also, when we enable ANY firewall rule, even a fastpath rule, it knocks that 6GB speed down to about 2.5GB. Is this normal?

Thanks in advance!

pe1chl · September 28, 2018, 7:24pm

There is an upper limit to the speed you can achieve with a single session.
Remember the CCR1072 is a 72-core CPU router and it cannot distribute the processing of a single session over multiple cores, so you effectively get only 1/72 of its achievable performance when you test it this way.

olivier2831 · December 12, 2018, 1:38pm

What is it meant by “single session” ?
All traffic from a single Ethernet source targeted to a single Ethernet destination belongs to such session ?